CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-34119 – Ubuntu Security Notice USN-7189-1
https://notcve.org/view.php?id=CVE-2021-34119
18 Jul 2023 — A flaw was discovered in htmodoc 1.9.12 in function parse_paragraph in ps-pdf.cxx ,this flaw possibly allows possible code execution and a denial of service via a crafted file. It was discovered that HTMLDOC incorrectly handled certain inputs, which could lead to an integer overflow. An attacker could potentially use this issue to cause a denial of service or execute arbitrary code. It was discovered that HTMLDOC incorrectly handled memory in pspdf_export, which could lead to a double-free. An attacker coul... • https://github.com/michaelrsweet/htmldoc/commit/85fa76d77ed69927d24decf476e69bedc7691f48 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-34121 – Ubuntu Security Notice USN-7189-1
https://notcve.org/view.php?id=CVE-2021-34121
18 Jul 2023 — An Out of Bounds flaw was discovered in htmodoc 1.9.12 in function parse_tree() in toc.cxx, this possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerability in order to reach code execution. It was discovered that HTMLDOC incorrectly handled certain inputs, which could lead to an integer overflow. An attacker could potentially use this issue to cause a denial of service or execute arbitrary code. It was discovered that HTMLDOC incorrectly handled memory in... • https://github.com/michaelrsweet/htmldoc/commit/c67bbd8756f015e33e4ba639a40c7f9d8bd9e8ab • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0137 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2022-0137
14 Nov 2022 — A heap buffer overflow in image_set_mask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries. Un desbordamiento del búfer en la función image_set_mask de HTMLDOC anterior a 1.9.15 permite a un atacante escribir fuera de los límites del búfer. It was discovered that HTMLDOC incorrectly handled memory in the image_set_mask, git_read_lzw, write_header and write_node functions, which could lead to a heap buffer overflow. An attacker could possibly use this issue to cause ... • https://github.com/michaelrsweet/htmldoc/commit/71fe87878c9cbc3db429f5e5c70f28e4b3d96e3b • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-34035 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2022-34035
18 Jul 2022 — HTMLDoc v1.9.12 and below was discovered to contain a heap overflow via e_node htmldoc/htmldoc/html.cxx:588. Se ha detectado que HTMLDoc versiones v1.9.12 y anteriores, contienen un desbordamiento de pila por medio de e_node htmldoc/htmldoc/html.cxx:588 It was discovered that HTMLDOC incorrectly handled memory in the image_set_mask, git_read_lzw, write_header and write_node functions, which could lead to a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execut... • https://github.com/michaelrsweet/htmldoc/commit/a0014be47d614220db111b360fb6170ef6f3937e • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-28085 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2022-28085
27 Apr 2022 — A flaw was found in htmldoc commit 31f7804. A heap buffer overflow in the function pdf_write_names in ps-pdf.cxx may lead to arbitrary code execution and Denial of Service (DoS). Se ha encontrado un fallo en el commit 31f7804 de htmldoc. Un desbordamiento del búfer de la pila en la función pdf_write_names en el archivo ps-pdf.cxx puede conllevar a una ejecución de código arbitrario y una Denegación de Servicio (DoS) It was discovered that HTMLDOC incorrectly handled memory in the image_set_mask, git_read_lz... • https://github.com/michaelrsweet/htmldoc/commit/46c8ec2b9bccb8ccabff52d998c5eee77a228348 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-24191 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2022-24191
04 Apr 2022 — In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function can lead to a pointer arbitrarily pointing to heap memory and resulting in a buffer overflow. En HTMLDOC versión 1.9.14, un bucle infinito en la función gif_read_lzw puede conllevar a que un puntero apunte arbitrariamente a la memoria de la pila y resulte en un desbordamiento del búfer Multiple vulnerabilities have been discovered in HTMLDOC, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 1.9.16 are ... • https://github.com/michaelrsweet/htmldoc/issues/470 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 2CVE-2021-43579 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2021-43579
12 Nov 2021 — A stack-based buffer overflow in image_load_bmp() in HTMLDOC <= 1.9.13 results in remote code execution if the victim converts an HTML document linking to a crafted BMP file. Un desbordamiento de búfer en la región stack de la memoria en la función image_load_bmp() en HTMLDOC versiones anteriores a 1.9.13 incluyéndola, resulta en una ejecución de código remota si la víctima convierte un documento HTML que enlaza con un archivo BMP diseñado Multiple vulnerabilities have been discovered in HTMLDOC, the worst ... • https://github.com/michaelrsweet/htmldoc/commit/27d08989a5a567155d506ac870ae7d8cc88fa58b • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2021-40985 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2021-40985
03 Nov 2021 — A stack-based buffer under-read in htmldoc before 1.9.12, allows attackers to cause a denial of service via a crafted BMP image to image_load_bmp. Una vulnerabilidad de desbordamiento del búfer under-read en htmldoc versiones anteriores a 1.9.12, permite a atacantes causar una denegación de servicio por medio de una imagen BMP diseñada a la función image_load_bmp. Multiple vulnerabilities have been discovered in HTMLDOC, the worst of which can lead to arbitrary code execution. Versions greater than or equal... • https://github.com/michaelrsweet/htmldoc/commit/f12b9666e582a8e7b70f11b28e5ffc49ad625d43 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 2CVE-2021-23165 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2021-23165
28 Jun 2021 — A flaw was found in htmldoc before v1.9.12. Heap buffer overflow in pspdf_prepare_outpages(), in ps-pdf.cxx may lead to execute arbitrary code and denial of service. Se ha encontrado un fallo en htmldoc versiones anteriores av1.9.12. Un desbordamiento del búfer de la pila en la función pspdf_prepare_outpages(), en el archivo ps-pdf.cxx puede conllevar a una ejecución de código arbitrario y a una denegación de servicio It was discovered that HTMLDOC did not properly manage memory under certain circumstances.... • https://bugzilla.redhat.com/show_bug.cgi?id=1967014 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-23158 – Gentoo Linux Security Advisory 202405-07
https://notcve.org/view.php?id=CVE-2021-23158
28 Jun 2021 — A flaw was found in htmldoc in v1.9.12. Double-free in function pspdf_export(),in ps-pdf.cxx may result in a write-what-where condition, allowing an attacker to execute arbitrary code and denial of service. Se ha encontrado un fallo en htmldoc en versión 1.9.12. Una doble liberación en la función pspdf_export(), en el archivo ps-pdf.cxx puede resultar en una condición de escritura en cualquier lugar, permitiendo a un atacante ejecutar código arbitrario y denegación de servicio It was discovered that HTMLDOC... • https://bugzilla.redhat.com/show_bug.cgi?id=1967018 • CWE-415: Double Free •